Lucene search
K

9 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.3 views

SUSE CVE-2018-16984

An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the "view" permission new in Django 2.1...

5.3CVSS7.9AI score0.02033EPSS
Exploits0References3
ALT Linux
ALT Linux
added 2019/07/15 12:0 a.m.39 views

Security fix for the ALT Linux 9 package python3-module-django version 2.2.3-alt1

July 15, 2019 Alexey Shabalin 2.2.3-alt1 - 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS +...

5.8CVSS6.6AI score0.2549EPSS
Exploits0
ALT Linux
ALT Linux
added 2019/07/15 12:0 a.m.22 views

Security fix for the ALT Linux 10 package python3-module-django version 2.2.3-alt1

July 15, 2019 Alexey Shabalin 2.2.3-alt1 - 2.2.3 - build python3 only - rename package to python3-module-django2.2 - Fixes for the following security vulnerabilities: + CVE-2019-12781 Incorrect HTTP detection with reverse-proxy connecting via HTTPS + CVE-2019-12308 AdminURLFieldWidget XSS +...

5.8CVSS6.6AI score0.2549EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/10/04 12:0 a.m.28 views

FreeBSD : Django -- password hash disclosure (004d8c23-c710-11e8-98c7-000c29434208)

Django release notes : CVE-2018-16984: Password hash disclosure to 'view only' admin users If an admin user has the change permission to the user model, only part of the password hash is displayed in the change form. Admin users with the view but not change permission to the user model were...

4.9CVSS6.3AI score0.02033EPSS
Exploits0References3
NVD
NVD
added 2018/10/02 6:29 p.m.21 views

CVE-2018-16984

An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the "view" permission new in Django 2.1...

4.9CVSS5AI score0.02033EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/10/02 6:29 p.m.22 views

CVE-2018-16984

An issue was discovered in Django 2.1 before 2.1.2, in which unprivileged users can read the password hashes of arbitrary accounts. The read-only password widget used by the Django Admin to display an obfuscated password hash was bypassed if a user has only the "view" permission new in Django 2.1...

4.9CVSS6.8AI score0.02033EPSS
Exploits0References2
CVE
CVE
added 2018/10/02 6:0 p.m.141 views

CVE-2018-16984

CVE-2018-16984 affects Django 2.1 before 2.1.2, where unprivileged admin users with view permissions can see full password hashes in the change form. The issue is due to bypassing the read-only password widget used to obfuscate hashes. Public records across multiple feeds (including Debian/ALT Li...

4.9CVSS5.2AI score0.02033EPSS
Exploits0References3Affected Software1
FreeBSD
FreeBSD
added 2018/10/02 12:0 a.m.497 views

Django -- password hash disclosure

Django release notes: CVE-2018-16984: Password hash disclosure to "view only" admin users If an admin user has the change permission to the user model, only part of the password hash is displayed in the change form. Admin users with the view but not change permission to the user model were...

4.9CVSS1.2AI score0.02033EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2018/10/01 12:0 a.m.24 views

[ASA-201810-5] python-django: information disclosure

Arch Linux Security Advisory ASA-201810-5 ========================================= Severity: Medium Date : 2018-10-01 CVE-ID : CVE-2018-16984 Package : python-django Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-773 Summary ======= The package python-django...

4.9CVSS0.3AI score0.02033EPSS
Exploits0References4
Rows per page
Query Builder